isabelle: doc-src/TutorialI/Overview/Isar.thy@0fb011773adc (annotated)

16417 9bc16273c2d4 migrated theory headers to new format haftmann parents: 13249 diff changeset	1	theory Isar imports Sets begin
11235 860c65c7388a * empty log message * nipkow parents: diff changeset	2
860c65c7388a * empty log message * nipkow parents: diff changeset	3	section{A Taste of Structured Proofs in Isar}
860c65c7388a * empty log message * nipkow parents: diff changeset	4
860c65c7388a * empty log message * nipkow parents: diff changeset	5	lemma [intro?]: "mono f \<Longrightarrow> x \<in> f (lfp f) \<Longrightarrow> x \<in> lfp f"
860c65c7388a * empty log message * nipkow parents: diff changeset	6	by(simp only: lfp_unfold [symmetric])
860c65c7388a * empty log message * nipkow parents: diff changeset	7
860c65c7388a * empty log message * nipkow parents: diff changeset	8	lemma "lfp(\<lambda>T. A \<union> M\<inverse> `` T) = {s. \<exists>t. (s,t) \<in> M\<^sup>* \<and> t \<in> A}"
860c65c7388a * empty log message * nipkow parents: diff changeset	9	(is "lfp ?F = ?toA")
860c65c7388a * empty log message * nipkow parents: diff changeset	10	proof
860c65c7388a * empty log message * nipkow parents: diff changeset	11	show "lfp ?F \<subseteq> ?toA"
12815 1f073030b97a tuned; wenzelm parents: 11238 diff changeset	12	by (blast intro!: lfp_lowerbound intro: rtrancl_trans)
13249 4b3de6370184 * empty log message * nipkow parents: 12815 diff changeset	13	next
11235 860c65c7388a * empty log message * nipkow parents: diff changeset	14	show "?toA \<subseteq> lfp ?F"
860c65c7388a * empty log message * nipkow parents: diff changeset	15	proof
860c65c7388a * empty log message * nipkow parents: diff changeset	16	fix s assume "s \<in> ?toA"
11238 1d789889c922 * empty log message * nipkow parents: 11235 diff changeset	17	then obtain t where stM: "(s,t) \<in> M\<^sup>*" and tA: "t \<in> A"
1d789889c922 * empty log message * nipkow parents: 11235 diff changeset	18	by blast
11235 860c65c7388a * empty log message * nipkow parents: diff changeset	19	from stM show "s \<in> lfp ?F"
860c65c7388a * empty log message * nipkow parents: diff changeset	20	proof (rule converse_rtrancl_induct)
860c65c7388a * empty log message * nipkow parents: diff changeset	21	from tA have "t \<in> ?F (lfp ?F)" by blast
860c65c7388a * empty log message * nipkow parents: diff changeset	22	with mono_ef show "t \<in> lfp ?F" ..
13249 4b3de6370184 * empty log message * nipkow parents: 12815 diff changeset	23	next
11238 1d789889c922 * empty log message * nipkow parents: 11235 diff changeset	24	fix s s' assume "(s,s') \<in> M" and "(s',t) \<in> M\<^sup>*"
1d789889c922 * empty log message * nipkow parents: 11235 diff changeset	25	and "s' \<in> lfp ?F"
11235 860c65c7388a * empty log message * nipkow parents: diff changeset	26	then have "s \<in> ?F (lfp ?F)" by blast
860c65c7388a * empty log message * nipkow parents: diff changeset	27	with mono_ef show "s \<in> lfp ?F" ..
860c65c7388a * empty log message * nipkow parents: diff changeset	28	qed
860c65c7388a * empty log message * nipkow parents: diff changeset	29	qed
860c65c7388a * empty log message * nipkow parents: diff changeset	30	qed
860c65c7388a * empty log message * nipkow parents: diff changeset	31
860c65c7388a * empty log message * nipkow parents: diff changeset	32	end
860c65c7388a * empty log message * nipkow parents: diff changeset	33

author	wenzelm
	Wed, 02 Jun 2010 13:18:21 +0200
changeset 37280	0fb011773adc
parent 16417	9bc16273c2d4
permissions	-rw-r--r--